ByteWhite1x1 / PatchGuardResearch
Bypassing kernel patch protection runtime
☆19Updated last year
Related projects: ⓘ
- Hijack NotifyRoutine for a kernelmode thread☆40Updated 2 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆19Updated 7 months ago
- ☆19Updated 7 months ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated last year
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- ☆15Updated this week
- ☆24Updated 3 years ago
- ☆12Updated 2 years ago
- ☆21Updated last year
- Compileable POC of namazso's x64 return address spoofer.☆46Updated 4 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆42Updated 3 years ago
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆23Updated 3 years ago
- detect hypervisor with Nmi Callback☆32Updated last year
- ☆18Updated last year
- PAGE_GUARD based hooking library☆38Updated 2 years ago
- RWX Section Abusing☆16Updated 10 months ago
- ☆23Updated last year
- hooks gServerHandlers xxxEventWndProc☆12Updated 2 years ago
- ☆33Updated this week
- Windows Research Kernel VS2022 Solution☆22Updated 2 weeks ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆27Updated 2 years ago
- hook KeyboardClassServiceCallback to prevent messing up sistema☆18Updated 10 months ago
- ☆31Updated last year
- ☆19Updated this week
- ☆11Updated 3 years ago
- A poc that abuses Enclave☆36Updated 2 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆21Updated 3 years ago
- ☆56Updated 2 years ago
- ☆19Updated 2 years ago
- This driver hooks a device object for ioctl and uses mdls to allocate physical pages and manually injects an entry into a process's page …☆11Updated last year